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DETAILED ACTION 

Claims 1-24 have been considered. 

Claim Rejections - 35 USC §112 

Claim 22 recites the limitation "said merger server". There is insufficient antecedent basis for this 
limitation in the claim. Appropriate correction is required. 

Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for 
the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-4,8,12-18, and 21 are rejected under 35 U.S.C. 102(b) as being anticipated by Zubeldia, 
U.S. Patent No. 6,044,462. 

As per claims 1,12, and 16, the applicant describes a method of creating a certificate revocation 
list comprising the following limitations which are met by Zubeldia: 

a) creating a single CRL that is centralized, said single CRL associated with a certificate authority 
(CA) comprising a master server coupled to a plurality of CA clone servers (Col 7, lines 38-40; Fig 6); 

b) maintaining said single CRL with said master server (Col 7, lines 14-15; Fig 6); 

c) receiving notice, from one of said plurality of CA clone servers, at said master server 
containing revocation information regarding a certificate (Col 7, lines 7-11); 

d) updating said single CRL according to said revocation information (Col 7, line 66 to Col 8, line 

7). 
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As per claims 2,14, and 17, the applicant describes the method of claims 1,12, and 16, which are 
met by Zubeldia, with the following limitation which is met by Zubeldia: 

Wherein step d) comprises adding said certificate to said single CRL when said revocation 
information indicates said certificate is revoked, said revocation information associated with a revocation 
event occurring at one of said plurality of CA clone servers (Col 7, line 66 to Col 8, line 7). 

As per claims 3,15, and 18, the applicant describes the method of claims 1,12, and 16, which are 
met by Zubeldia, with the following limitation which is met by Zubeldia: 

Wherein step d) comprises removing said certificate from said single CRL when said revocation 
information indicates said certificate is valid, said revocation information associated with a revocation 
event occurring at one of said plurality of CA clone servers (Col 7, line 66 to Col 8, line 7); 

The applicant should note that when a clone server reports that a certificate is valid, or reinstates 
a certificate, the certificate is removed from revoked status and thus disassociated with a list of revoked 
certificates in the database but still maintained in the database to provide information that the certificate is 
valid. 

As per claims 4 and 21, the applicant limits the method of claims 1 and 16, which are met by 
Zubeldia, with the following limitation which is met by Zubeldia: 

Maintaining said single CRL with a CRL merger service module located at said master server 
(Col 7, lines 14-15); 

As per claims 7 and 13, the applicant limits the method of claims 1 and 12, which are met by 
Zubeldia, with the following limitation which is met by Zubeldia: 

Transmitting said single CRL that is updated to a recipient over a communication network (Col 7, 
lines 29-37; Col 6, lines 57-59); 
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Referring to figure 6, a user requests information through a server which communicates with the 
database and sends the requested information back to the user. The requested information can be a 
validity check or a CRL (Col 6, lines 57-64). 

As per claim 8, the applicant limits the method of claim 1, which is met by Zubeldia, with the 
following limitation which is met by Zubeldia: 

Providing certificate authority services not including maintaining and managing said single CRL at 
each of said plurality of CA clone servers (Col 7, lines 7-11). 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 5,10,11, and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over Zubeldia 
in view of Parkvall, U.S. Patent Application Publication No. 2002/0080719. 

As per claims 5 and 19, the applicant limits the method of creating a CRL as described in claims 
1 and 16, which are met by Zubeldia, with the following limitation which is met by Parkvall: 

Sending said notice over a secure communications channel (Parkvall: [0004]); 

Zubeldia does not disclose sending information over a secure communications channel. Parkvall 
discloses the notion of Stop and Wait ARQ communication between two parties in which one packet is 
sent to a recipient and the sender waits for an acknowledgement before sending a second packet. Thus, 
Parkvall introduces the idea of creating a secure communications channel through acknowledgement 
signals between a sender and a receiver. 
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It would have been obvious to one of ordinary skill in the art at the time the invention was filed to 
incorporate the ideas of Parkvall with those of Zubeldia because doing so provides the clone servers 
assurance that information they send is properly received by the master server and not subject to 
transmission failures. 

As per claim 1 0, the applicant discloses the method of claim 1 , which is met by Zubeldia, with the 
following limitation which is met by Parkvall: 

a) at said one of said plurality of clone servers, detecting whether said notice was received at said 
master server (Parkvall: [0004]); 

b) repeatedly sending said notice until received by said master server (Parkvall: [0004]); 
Through Stop and Wait Automatic Response Request (ARQ), an acknowledgement is sent to the 

sender or clone server if the message is received (part a). Automatic Response Request also includes 
sending a notice to repeat the sending of the message in the case of an error (part b). 

As per claim 11, the applicant discloses the method of claim 10, which is met by Zubeldia, with 
the following limitation which is met by Parkvall: 

Storing said notice if said notice was not received at said master server (Parkvall: [0004]); 

Through Stop and Wait Automatic Response Request (ARQ), the message or packet is stored 
until confirmation that it has been correctly received at which time the message or packet is deleted. 

Claims 5,6,9,19,20, and 22-24 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Zubeldia in view of Oracle (Oracle Internet Directory Administrator's Guide. Release 2.0.6. 1999). 

As per claims 5,6, and 19, the applicant describes the method of creating a CRL as described in 
claims 1 and 16, which are met by Zubeldia, with the following limitation which is met by Oracle: 
Sending said notice over a secure communication channel (Page 3); 
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Zubeldia does not disclose sending information over a secure communication channel. Oracle 
discloses the Oracle Internet Directory, a service which provides directory access control. Among the 
features of Oracle Internet Directory are providing a secure communication channel through a secure 
socket layer (SSL) authenticated access system. 

It would have been obvious to one of ordinary skill in the art at the time the invention was filed to 
combine the ideas of Oracle with those of Zubeldia because doing so makes the system more robust and 
less subject to data manipulation or attacks. 

As per claims 9 and 20, the applicant describes the method of creating a CRL as described in 
claims 1 and 16, which is met by Zubeldia, with the following limitation which is met by Oracle: 

Storing said CRL in a database accessed via a lightweight directory access protocol (LDAP) that 
supports a Secure Sockets Layer (SSL) (Pages 1-3); 

As per claim 22, the applicant describes the limitations of claim 16, which is met by Zubeldia, with 
the additional limitation of an LDAP database. The addition of LDAP is obvious in view of Oracle for the 
reasons given in the rejection for claim 9 (see above). 

As per claims 23 and 24, the applicant describes the limitations of claim 22, which is met by 
Zubeldia in view of Oracle, with the following limitation which is met by Zubeldia: 

Wherein said master server adds a certificate to said centralized CRL after said revocation 
information by one of said plurality of clone server indicates that said certificate has been revoked (Col 7, 
line 66 to Col 8, line 7). 

Response to Arguments 

Applicant's arguments, see Remarks filed 6/7/05, with respect to claims 1,12, and 16 have been 
considered but are moot in view of the new ground(s) of rejection. Upon further consideration of the 
primary reference, Zubeldia does teach the limitations of claims 1,12, and 16 and there is no need to 
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combine the applicant's admitted prior art. The applicant describes his CA to be comprised of a master 
server, CA clone servers, and a database which are met by Zubeldia. 

Zubeldia discloses a method for creating a single CRL in a database (610 of Fig 6) which is 
maintained by a master server (606 of Fig 6). Rather than having to review multiple CRLs to determine 
the validity status of a certificate, a user or client can make a request to a single centralized CRL (Col 6, 
lines 50-56). The examiner points the applicant to Fig 6. The system includes CA clone servers 
(602A,602B, and 602C), a master server (606), and a database (610) which function to provide a 
collective evaluation of a certificate. The system as a whole is functioning as a single CA to a user (616 
of Fig 6). 

Applicant's arguments with respect to claims 5,10,11, and 19 have been fully considered but they 
are not persuasive. The examiner argues there is no motivation to combine Parkvall. The examiner 
disagrees. Parkvall discloses a method of securely transmitting data. Zubeldia discloses transmitting 
data but is silent as to how the data is transmitted. There is motivation to combine Parkvall with Zubeldia 
because doing so strengthens the system by providing assurance that transmitted information is properly 
received and not subject to transmission failures. 

Conclusion 

THIS ACTION IS MADE NON-FINAL. Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1.136(a). 

Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Kevin Schubert whose telephone number is (571) 272-4239. The examiner can normally 
be reached on M-F 7:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Emmanuel Moise can be reached on (571) 272-3868. The fax phone number for the organization where 
this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free). 
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